ClawHub

vinci-tarot

v1.0.2

Act as a professional tarot reader—multiple spreads, full card meanings, spread selection by question, energy guidance, interpretation, and follow-up dialogue.

1· 322·0 current·0 all-time
by@superone77
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (tarot reader) align with the provided Python package: perform_reading, interpret_card, spread layouts, and data/cards.json. Required binary is only python3 and the included files implement the claimed features (spreads, card meanings, image generation). There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md tightly prescribes runtime behavior (clarify question → announce draw → call perform_reading → generate image → send image → interpret). That scope is appropriate for a tarot skill, but the instructions require executing local Python modules and running the generate_spread_image script which will load data/cards.json and may fetch card images from the web if local images are missing. The skill does not instruct reading unrelated system files or secrets.
Install Mechanism
There is no install spec (instruction-only), so nothing is auto-downloaded by the registry. The code includes a small requirements.txt (Pillow) and image-generation scripts. The generate_spread_image and download_card_images scripts will fetch images from a public host (IMAGE_ROOT = https://www.sacred-texts.com/tarot/pkt/img/) if local images are missing. Those network fetches are expected for image assets and come from a known host, not from an arbitrary shortener or personal server.
Credentials
The skill declares no required environment variables or credentials. The code only uses PYTHONPATH for subprocess calls and does not request tokens, keys, or unrelated secrets.
Persistence & Privilege
Flags show normal privileges (always:false). The package may write card images to a local cards/ directory when downloading assets; that is proportional to its function and scoped to its own files. It does not modify other skills or system-wide configuration.
Assessment
This skill appears to do what it says: a local Python tarot reader that can generate spread images. Things to consider before installing: (1) it will execute Python code from the skill package (perform_reading and image scripts), so only install if you trust the skill source; (2) on first image-generation run it may perform network requests to https://www.sacred-texts.com to download card art and will write images into a local cards/ directory — if you prefer no network activity, pre-populate cards/ with 78 images or run image generation with --images-dir pointing to an offline folder; (3) follow INSTALL.md steps (pip install Pillow) in a virtualenv to avoid affecting system packages; (4) no credentials are requested and there are no obvious hidden endpoints, but if you want extra safety run the code in a sandboxed environment and review the short Python scripts (generate_spread_image and download_card_images) yourself.

Like a lobster shell, security has layers — review code before you run it.

latestvk972as6ref715c32bf57qcxn0d822aqj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔮 Clawdis
Binspython3

Comments